public-webauthn@w3.org from September 2016 by subject

-webauthn-registries now in repo (was: wrt registries (was: Spec status)

09/07/2016 W3C Web Authentication WG Agenda

09/14/2016 W3C Web Authentication WG Agenda

09/28/2016 W3C Web Authentication WG Agenda

[administrivia] regarding recent flood of commits from me..

[w3c/webauthn]

[w3c/webauthn] 00fe43: move IDL frags to applicable sections. fixes #112 ...

[w3c/webauthn] 03801e: Simplify attestation structure by moving details i...

[w3c/webauthn] 0554c6: ref IANA registries initial cut. fixes #127, #129...

[w3c/webauthn] 056041: abstract clarifications/polishing

[w3c/webauthn] 056c63: Address comments from @equalsJeffH

[w3c/webauthn] 08662c: Built by Travis-CI: 8b05ef86e013c96332b9220ca23e5a...

[w3c/webauthn] 0a7061: Move accountInformation into options.

[w3c/webauthn] 0e1e83: Built by Travis-CI: c39954b06957559f329deef4f7b59a...

[w3c/webauthn] 0f6533: Adds optional transport hints to CredentialDescrip...

[w3c/webauthn] 12ad7c: change names once more. See PR #161

[w3c/webauthn] 15cb5d: adding Rahul Ghosh

[w3c/webauthn] 15f313: Built by Travis-CI: 7131b932bd41f0307aa275d1cbf1bc...

[w3c/webauthn] 1bd90b: [administrivia] Add editor IDs

[w3c/webauthn] 1d1bec: Built by Travis-CI: 1bd90ba36efa46624295259e05dce3...

[w3c/webauthn] 1e567d: Built by Travis-CI: 678d018afeb332ec9452e51384d10d...

[w3c/webauthn] 1eebee: Clarify usage of transport hints (#225)

[w3c/webauthn] 200d14: more corrections

[w3c/webauthn] 248444: Adds optional transport hints to CredentialDescrip...

[w3c/webauthn] 25ece2: fixed spelling and formatting issues

[w3c/webauthn] 2996e3: Built by Travis-CI: 571361d0626d9f1b1f250386850b5e...

[w3c/webauthn] 2bdc46: Built by Travis-CI: f536c622601494e884894ac8f18324...

[w3c/webauthn] 2c659c: [administrivia] Rename img subdirectory to images ...

[w3c/webauthn] 2db6d3: remove 'Level:' from metadata - fix build?

[w3c/webauthn] 30b44c: [administrivia] Update previous versions to reflec...

[w3c/webauthn] 363279: Built by Travis-CI: 3e2986a60e5e755ea881e54491c6b4...

[w3c/webauthn] 36bce3: remove troublesome comment

[w3c/webauthn] 3a08cd: Secure context requirement: SHOULD -> MUST

[w3c/webauthn] 3b00cd: Built by Travis-CI: ca1f0ee7a224cd089e21ba7e5a0c53...

[w3c/webauthn] 3b547b: Adds optional transport hints to CredentialDescrip...

[w3c/webauthn] 3d8b78: Built by Travis-CI: 89eb30570f74b2b7c23baa679ca6dd...

[w3c/webauthn] 3e2986: [administrivia] Remove level so as not to pollute ...

[w3c/webauthn] 41912b: Built by Travis-CI: 91e4c05962fcf6f7306c2c9d9a298d...

[w3c/webauthn] 434db0: Fix a few long-standing technical issues (#196)

[w3c/webauthn] 443482: Allow caller to explicitly specify its claimed RP ...

[w3c/webauthn] 4dae38: proposed changes to vgb-modular-attestation work. ...

[w3c/webauthn] 4e4c50: Built by Travis-CI: 2d07450b288b4fc3b145851a6a4b8f...

[w3c/webauthn] 536902: adding draft-hodges-webauthn-registries source and...

[w3c/webauthn] 5438a0: Try out moving to latest copy of bikeshed to avoid...

[w3c/webauthn] 564b70: Markdown cleanup

[w3c/webauthn] 571361: [trivial] remove duplicate issue tracking declarat...

[w3c/webauthn] 57b4e9: type corrected

[w3c/webauthn] 5b0c13: Update to reflect WD-02 publication

[w3c/webauthn] 5bd3f4: Built by Travis-CI: 25ece289bcccedcb6538a29b469228...

[w3c/webauthn] 5dc647: Built by Travis-CI: c9051f9c463a3f9fe19cde4718f02d...

[w3c/webauthn] 615084: Token Binding ID: JWK -> opaque

[w3c/webauthn] 622b31: Merge remote-tracking branch 'refs/remotes/origin/...

[w3c/webauthn] 62b064: Adds optional transport hints to CredentialDescrip...

[w3c/webauthn] 62b67c: Cleaned up exposition of processing rules (#154)

[w3c/webauthn] 633d51: Token Binding ID: JWK -> opaque (#164)

[w3c/webauthn] 63524a: Built by Travis-CI: f3e6ad2b553c0bc29b8943e76651a8...

[w3c/webauthn] 658568: Issue #50: Add a Terminology Section

[w3c/webauthn] 672ce0: Built by Travis-CI: ef53034925537ecae76dc13759d121...

[w3c/webauthn] 678d01: [administrivia] add newline at end of readme.md

[w3c/webauthn] 6eed46: Built by Travis-CI: e93a23faefb797d81ac850f8ab17c9...

[w3c/webauthn] 6f11f1: Make attestation more modular (#161)

[w3c/webauthn] 708b0a: Built by Travis-CI: 5b0c13630486fac3e00fac51dc444d...

[w3c/webauthn] 7131b9: fix some grammar, add bikeshed clarifications, add...

[w3c/webauthn] 7426f5: Built by Travis-CI: 5369029b843d3eb049ec76d410b724...

[w3c/webauthn] 742ef3: Built by Travis-CI: 6f11f1ac889a7e7913d6eb45df0ecf...

[w3c/webauthn] 794386: Incorporate feedback from @equalsJeffH

[w3c/webauthn] 7c1c58: more notes added

[w3c/webauthn] 7f5a8e: Use RP macro in more places

[w3c/webauthn] 80bb3f: clarify optionality of FIDO MDS. Fixes #47.

[w3c/webauthn] 83332c: Be explicit about errors encountered during proces...

[w3c/webauthn] 8585ff: Update draft-hodges-webauthn-registries.xml

[w3c/webauthn] 885444: Built by Travis-CI: 6855bf00aca639c0c631f4aa8239e4...

[w3c/webauthn] 89a2ae: Complete merge from master by adding IDL lines tha...

[w3c/webauthn] 8b05ef: [administrivia] Change spec links to https

[w3c/webauthn] 8bc1da: Clean up blank spaces

[w3c/webauthn] 8f8b95: Built by Travis-CI: da0c45a617da9f99096a615b82c904...

[w3c/webauthn] 91e4c0: [administrivia] Add previous version link

[w3c/webauthn] 9267a9: Built by Travis-CI: b695628aeca3834a4dfa1348a72fce...

[w3c/webauthn] 976475: Built by Travis-CI: 1eebeed6cac57fb98cac7c7dd71e57...

[w3c/webauthn] 9ad442: Built by Travis-CI: 5438a06a9ffef8f6d1a46da4309843...

[w3c/webauthn] 9afddc: add comma to fix build

[w3c/webauthn] a0a9b0: Use RP macro in more places (#224)

[w3c/webauthn] a67e1a: ref HTML51 for object and Navigator

[w3c/webauthn] a71e06: Built by Travis-CI: b6a2790a029263f3b5763e8d76771e...

[w3c/webauthn] a7b266: incorp feedback from @vijaybh, thanks!

[w3c/webauthn] a9b46a: Built by Travis-CI: 5704488223a16b0e43c7d46ce7ddcb...

[w3c/webauthn] a9c6b3: Remove rpId from ClientData

[w3c/webauthn] ad3457: fix formatting

[w3c/webauthn] ad7e3a: Use a local copy of the bikeshed config

[w3c/webauthn] b098fe: added @mikewest to Acks

[w3c/webauthn] b3e453: remove internal

[w3c/webauthn] b4911a: Try out moving to latest copy of bikeshed to avoid...

[w3c/webauthn] b4c182: took a stab at #146.

[w3c/webauthn] b69562: add registry refs and update associated text (#192...

[w3c/webauthn] b6a279: Adding the User Verification Mode extension as per...

[w3c/webauthn] bd1324: Built by Travis-CI: da22064fa2d8e2c987d3a7ea993b5b...

[w3c/webauthn] c01b10: Built by Travis-CI: 30b44c2512fddd01c5a6d90982dc30...

[w3c/webauthn] c26b12: add [SecureContext] extended attr to WebAuthentica...

[w3c/webauthn] c32af8: Built by Travis-CI: ef76c833d3c4884e928d7e8a8d848f...

[w3c/webauthn] c39954: Adds optional transport hints to CredentialDescrip...

[w3c/webauthn] c464a6: Built by Travis-CI: 434db0790daf9d6aee354907ae6e7e...

[w3c/webauthn] c72a2b: Clarify usage of transport hints

[w3c/webauthn] ca1f0e: Allow callers to explicitly specify RP ID (#198)

[w3c/webauthn] cb1853: Change links to https

[w3c/webauthn] cfbffd: add id uniqueness requirements

[w3c/webauthn] d1ac4d: Represent binary data as ArrayBuffers instead of b...

[w3c/webauthn] d1c107: Built by Travis-CI: 633d51ed9b96852848b9fe3726f7e7...

[w3c/webauthn] d3f979: Make credentials unique for each (authenticator, r...

[w3c/webauthn] d43940: Add detail about error behavior to authenticator m...

[w3c/webauthn] d9b801: Built by Travis-CI: 8bc1dae8d113457f5fb717da7fff69...

[w3c/webauthn] da0c45: [administrivia] Update Readme.md with instructions...

[w3c/webauthn] dcddf5: Built by Travis-CI: b47b2e8462bbc75a8da23b562bf529...

[w3c/webauthn] dce57f: [administrivia] adding Prepare for TR metadata so ...

[w3c/webauthn] e289aa: fix formatting

[w3c/webauthn] e38ec6: Add issue tracking link to metadata per earlier co...

[w3c/webauthn] e8172c: ref whatwg HTML spec for origin & Navigator. Fixes...

[w3c/webauthn] e8e49d: fix some grammar, add bikeshed clarifications, add...

[w3c/webauthn] e8ea6e: Clarify usage of transport hints

[w3c/webauthn] e93a23: breakup IDL (#186)

[w3c/webauthn] ef5303: [administrivia] Fix deployment script to reflect i...

[w3c/webauthn] ef958e: Use a local copy of the bikeshed config (#190)

[w3c/webauthn] f03e4e: Incorporate feedback from @equalsJeffH

[w3c/webauthn] f3cc9d: Experiment with removing Credential object

[w3c/webauthn] f3e6ad: editorial cleanups (#185)

[w3c/webauthn] f3fa6b: Incorporated feedback from @rlin1

[w3c/webauthn] f44ba9: More feedback from @equalsJeffH

[w3c/webauthn] f536c6: Fixed spelling, grammar, and document syntax issue...

[w3c/webauthn] f7a4cd: Adds optional transport hints to CredentialDescrip...

[w3c/webauthn] f831e8: Built by Travis-CI: ef958e84b51b902a34adedc98aa9b7...

[w3c/webauthn] f85d72: Clarify usage of transport hints

[w3c/webauthn] fedb38: Clean up blank spaces

[webauthn] "relaxing the same-origin restriction"

[webauthn] "web origin of the script"

[webauthn] 4.1 heading should appear before the IDL

[webauthn] Add notion of internal/external to options

[webauthn] add references to IANA WebAuthn Attestation Formats and Extension Identifiers Registries

[webauthn] add references to IANA WebAuthn Attestation Types and Extension Identifiers Registries

[webauthn] add registry refs and update associated text

[webauthn] Adds optional transport hints to CredentialDescription

[webauthn] Allow caller to pick between strict and eTLD+1 matching

[webauthn] Allow callers to explicitly specify RP ID

[webauthn] assertionChallenge recommendations

[webauthn] Attestation format identifiers lack formal definition and matching rules

[webauthn] Attestation type identifiers lack formal definition and matching rules

[webauthn] Authenticator selection extension - should makeCredential fail if no specified authenticator can be found?

[webauthn] callerOrigin

[webauthn] clarify conveyance of attested public key

[webauthn] Clarify names for crypto algs, e.g. RS256

[webauthn] Clarify usage of transport hints

[webauthn] Clarify uses of ClientData

[webauthn] Clarify what is a proprietary attestation format and whether it should be designated by a prefix

[webauthn] Clarify which sign. algm.'s RP's must support (Sec. 4.3.2.1.2)

[webauthn] Clarify wording on authenticator selection

[webauthn] Create an Explainer document

[webauthn] Credential ID not signed

[webauthn] CredentialDescription -> CredentialDescriptor

[webauthn] Cut-and-paste error

[webauthn] define "attestation" in terminology section

[webauthn] Define a U2F attestation format

[webauthn] define requirements for attestation type specifications

[webauthn] Define UTF-8 string

[webauthn] Drop UAF references in favor of better explanation

[webauthn] Example Use Cases only has phone-as-authenticator example -- we should add another

[webauthn] Expand algorithm to include attestation format

[webauthn] facet should be defined in terms of the HTML Standard

[webauthn] Figure out how transport hints get from Authenticator to RP

[webauthn] Fixed spelling, grammar, and document syntax issues

[webauthn] imageURL privacy

[webauthn] Internationalization self review

[webauthn] Jeffh update reg draft

[webauthn] Location Extension and privacy

[webauthn] lowercase form of this RP ID

[webauthn] Make attestation more modular

[webauthn] Move `allowList` from optional to default on `getAssertion`

[webauthn] Move account argument to options

[webauthn] Move accountInformation into options.

[webauthn] Moving callers from U2F to WebAuthn

[webauthn] new commits pushed by equalsJeffH

[webauthn] new commits pushed by jcjones

[webauthn] new commits pushed by leshi

[webauthn] new commits pushed by rlin1

[webauthn] new commits pushed by selfissued

[webauthn] new commits pushed by vijaybh

[webauthn] new commits pushed by WebAuthnBot

[webauthn] New research suggest using ED512 instead of ED256.

[webauthn] Privacy across Account IDs

[webauthn] Privacy across OS accounts

[webauthn] Provide client instructions for testing whether authenticator has credential in excludeList

[webauthn] Relying Party or Server

[webauthn] Section 4: Mention requirement for user to give consent for key to be used

[webauthn] section {#uvm-extension} cites FIDO registry w/o proper references

[webauthn] Secure context should be MUST not SHOULD

[webauthn] should authenticator layer send hashed or unhashed rpId to authenticators?

[webauthn] Silent Authn? clarification of bit 0 in AuthenticatorData

[webauthn] Spec draft points to wrong GitHub issues page

[webauthn] Token Binding ID: JWK -> opaque

[webauthn] TPM attestation format spec is incomplete

[webauthn] Update draft-hodges-webauthn-registries.xml

[webauthn] update extensions framework to include interfacing with user agent permissions framework

[webauthn] Use a local copy of the bikeshed config

[webauthn] Use RP macro in more places

[webauthn] various editorial cleanups

[webauthn] WebAuthn available to Workers? aka "silent authentication"

[webauthn] WebAuthn extension identifiers lack match criteria and charset declaration

[webauthn] What if callerOrigin is an opaque origin

[webauthn] Where should transport hints go?

Account -> Options; ScopedCredentialParameters

Agenda for TPAC F2F

Agenda time request for IFAA introduction in TPAC F2F meeting

Are you okay with the opaque Token Binding IDs now?

Attestation changes (was RE: [webauthn] new commits pushed by rlin1)

Closed: [webauthn] "version 4 GUID" should be "version 4 UUID"

Closed: [webauthn] "web origin of the script"

Closed: [webauthn] 4.1 heading should appear before the IDL

Closed: [webauthn] AAGUID must be a "version 4 UUID" ?

Closed: [webauthn] Add Android "N" attestation type.

Closed: [webauthn] add references to IANA WebAuthn Attestation Formats and Extension Identifiers Registries

Closed: [webauthn] Attestation format identifiers lack formal definition and matching rules

Closed: [webauthn] callerOrigin

Closed: [webauthn] Change Android SafetyNet attestation type identifier ?

Closed: [webauthn] clarify content of algorithm member of ScopedCredentialParameters

Closed: [webauthn] clarify that at least one model of attestation must be employed

Closed: [webauthn] Clarify the definition of "origin"

Closed: [webauthn] Clarify which sign. algm.'s RP's must support (Sec. 4.3.2.1.2)

Closed: [webauthn] consider moving IDL from monolithic block to individual spec sections

Closed: [webauthn] Create an Explainer document

Closed: [webauthn] define "attestation" in terminology section

Closed: [webauthn] define requirements for attestation format specifications

Closed: [webauthn] do we need "Byte length l of AAGUID" ?

Closed: [webauthn] Expand algorithm to include attestation format

Closed: [webauthn] facet should be defined in terms of the HTML Standard

Closed: [webauthn] Figure out how transport hints get from Authenticator to RP

Closed: [webauthn] Location Extension and privacy

Closed: [webauthn] lowercase form of this RP ID

Closed: [webauthn] Provide client instructions for testing whether authenticator has credential in excludeList

Closed: [webauthn] Relying Party or Server

Closed: [webauthn] ScopedCredentialInfo attestation

Closed: [webauthn] Section 4.3: add reference to privacy

Closed: [webauthn] Section 4: Mention requirement for user to give consent for key to be used

Closed: [webauthn] section {#uvm-extension} cites FIDO registry w/o proper references

Closed: [webauthn] Secure context should be MUST not SHOULD

Closed: [webauthn] Should rpId be removed from clientData?

Closed: [webauthn] Spec draft points to wrong GitHub issues page

Closed: [webauthn] TAG review feedback: Align Credential interface with Credential Management?

Closed: [webauthn] Terminology consistency

Closed: [webauthn] The FIDO Metadata Service needs a non-FIDO analogous mechanism

Closed: [webauthn] tokenBinding in ClientData should be a binary type (perhaps base64) and not JsonWebKey

Closed: [webauthn] Underspecified error conditions

Closed: [webauthn] Usability Issue: Server Challenge timeout

Closed: [webauthn] WebAuthn extension identifiers lack match criteria and charset declaration

Closed: [webauthn] What if callerOrigin is an opaque origin

Closed: [webauthn] Where should transport hints go?

Comments to WD-01

diff-gmandyam-from-hodges-webauthn-registries-00c.pdf

diff: WD-webauthn-20160928 wd-02 from WD-webauthn-20160902 wd-01

Fwd: TPAC 2016 Registration Now Open -- Webauthn set to meet Tuesday, Sept. 20

fyi: "can i use" issue for adding WebAuthn impl assessment

fyi: normative deps to WHATWG specs for features not in W3C specs for CR/REC

move issue #155 to WD-02 ?

Proposed blog post announcing second public draft

referencing W3C or WhatWG specs (was: [webauthn] new commits pushed by equalsJeffH

Request for joint meeting at TPAC

WD-01 is now published

WebAuthn WD 28-Sep-2016 (aka WD-02) published

Last message date: Thursday, 29 September 2016 23:12:34 UTC